Commit 7db42b1a4f0e15639a6b4b219f2f45a931b8380a

Authored by Casper Valdemar Poulsen
1 parent 0e86da08df
Exists in master

added code

Showing 6 changed files with 96 additions and 0 deletions Side-by-side Diff

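--- a/app/controllers/saml_controller.rb
+++ b/app/controllers/saml_controller.rb
@@ -0,0 +1,40 @@
+require 'onelogin/saml'
+
+class SamlController < ApplicationController
+ skip_before_filter :verify_authenticity_token, :only => [:consume]
+ skip_before_filter :check_if_login_required
+
+ def index
+ settings = Account.get_saml_settings
+ request = Onelogin::Saml::Authrequest.new
+ redirect_to(request.create(settings))
+ end
+
+ def consume
+ response = Onelogin::Saml::Response.new(params[:SAMLResponse])
+ response.settings = Account.get_saml_settings
+
+ if response.is_valid? && user = User.find_by_mail(response.name_id)
+
+ self.logged_user = user
+ # generate a key and set cookie if autologin
+ if params[:autologin] && Setting.autologin?
+ token = Token.create(:user => user, :action => 'autologin')
+ cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
+ end
+ call_hook(:controller_account_success_authentication_after, {:user => user })
+ redirect_back_or_default :controller => 'my', :action => 'page'
+
+ else
+ invalid_credentials(user)
+ error = l(:notice_account_invalid_creditentials)
+ end
+ end
+
+ def complete
+ end
+
+ def fail
+ end
+
+end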
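Review bot: In `consume`, the success branch logs in whatever record `User.find_by_mail(response.name_id)` returns, and nothing visible checks the account status, so a locked or not-yet-activated account whose mail matches the assertion would still get a session. I would tighten the condition to `if response.is_valid? && (user = User.find_by_mail(response.name_id)) && user.active?`. The `else` branch also sends no response: `error` is a local that is never read and there is no `render` or `redirect_to`, so a rejected assertion falls through to the default template. `invalid_credentials` is not defined in this class, so unless ApplicationController provides it the failure path raises instead of reporting the error. Setting `flash[:error] = l(:notice_account_invalid_creditentials)` and redirecting to the login page would make the failure path explicit.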
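--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -0,0 +1,17 @@
+require 'onelogin/saml'
+
+class Account < ActiveRecord::Base
+ def Account.get_saml_settings
+
+ options = YAML::load(ERB.new(IO.read(File.join(Rails.root, 'config', 'saml_auth.yml'))).result)
+ settings = Onelogin::Saml::Settings.new
+
+ settings.assertion_consumer_service_url = options[Rails.env]['assertion_consumer_service_url']
+ settings.issuer = options[Rails.env]['issuer']
+ settings.idp_sso_target_url = options[Rails.env]['idp_sso_target_url']
+ settings.idp_cert_fingerprint = options[Rails.env]['idp_cert_fingerprint']
+ settings.name_identifier_format = options[Rails.env]['name_identifier_format']
+
+ settings
+ end
+end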
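Review bot: `get_saml_settings` never reads the `enabled` key that config/saml_auth.yml.example defines, so setting it to false does not turn SAML login off in the code shown. The method also indexes `options[Rails.env]` five times without checking that the section exists, so a config file with no entry for the current environment fails with a NoMethodError on nil, and a section without `idp_cert_fingerprint` silently produces settings with a nil fingerprint. I would read the section once and fail fast, e.g. `env = options[Rails.env] or raise "saml_auth.yml: no section for #{Rails.env}"`, and raise when `env['idp_cert_fingerprint']` is blank. The file is also re-read and re-parsed on every call from the controller; caching the parsed hash would avoid that.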
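--- a/config/routes.rb
+++ b/config/routes.rb
@@ -0,0 +1,4 @@
+ActionController::Routing::Routes.draw do |map|
+ map.saml_login 'auth/saml', :controller => 'saml', :action => 'index'
+ map.saml_consume 'auth/saml/consume', :controller => 'saml', :action => 'consume'
+end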
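Review bot: The `saml_consume` route accepts any HTTP verb, while the controller skips `verify_authenticity_token` for that action. The identity provider normally delivers the response by POST, so I would restrict the route with `:conditions => { :method => :post }` appended to the `map.saml_consume` line. That also keeps SAMLResponse values from being accepted in a query string, where they would likely end up in request logs.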
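--- a/config/saml_auth.yml.example
+++ b/config/saml_auth.yml.example
@@ -0,0 +1,21 @@
+test:
+ enabled: true
+ assertion_consumer_service_url: "http://localhost:3000/auth/saml/consume"
+ issuer: "http://localhost:3000"
+ idp_sso_target_url: "https://app.onelogin.com/saml/signon/12345"
+ idp_cert_fingerprint: "90:CC:16:F0:8D:A6:D1:C6:BB:27:2D:BA:93:80:1A:1F:16:8E:4E:08"
+ name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+development:
+ enabled: true
+ assertion_consumer_service_url: "http://localhost:3000/auth/saml/consume"
+ issuer: "http://localhost:3000"
+ idp_sso_target_url: "https://app.onelogin.com/saml/signon/12345"
+ idp_cert_fingerprint: "90:CC:16:F0:8D:A6:D1:C6:BB:27:2D:BA:93:80:1A:1F:16:8E:4E:08"
+ name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+production:
+ enabled: true
+ assertion_consumer_service_url: "http://localhost:3000/auth/saml/consume"
+ issuer: "http://localhost:3000"
+ idp_sso_target_url: "https://app.onelogin.com/saml/signon/12345"
+ idp_cert_fingerprint: "90:CC:16:F0:8D:A6:D1:C6:BB:27:2D:BA:93:80:1A:1F:16:8E:4E:08"
+ name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"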
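Review bot: The `production` section is a copy of the development values, including the `http://localhost:3000` URLs and the sample `idp_cert_fingerprint`. Someone who copies the example unchanged would configure a plain-HTTP assertion consumer URL and trust the sample fingerprint rather than their own IdP certificate. I would replace the production values with obvious placeholders and add a comment such as `# production: use https:// URLs and the fingerprint of your own IdP certificate`.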
  1 +require 'redmine'
  2 +require 'ruby-saml'
  3 +
  4 +Redmine::Plugin.register :redmine_saml_auth do
  5 + name 'Redmine SAML auth plugin'
  6 + author 'Casper Valdemar Poulsen'
  7 + description 'Enables authentication using SAML'
  8 + version '0.1.0'
  9 +end
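--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -0,0 +1,5 @@
+# Load the normal Rails helper
+require File.expand_path(File.dirname(__FILE__) + '/../../../../test/test_helper')
+
+# Ensure that we are using the temporary fixture path
+Engines::Testing.set_fixture_path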